rsa: Bring hash selection in-house

[secnet.git] / README

diff --git a/README b/README
index e23701c9151dc4d946523914dbbf81b2a69251fa..200da3742ba9ef91d7b4c81273c22184e02883ca 100644 (file)
--- a/README
+++ b/README
@@ -403,8 +403,6 @@ site: dict argument
   key (sigpubkey closure): our peer's public key (obsolete)
   transform (transform closure): how to mangle packets sent between sites
   dh (dh closure)
-  hash (hash closure): used for keys whose algorithm (or public
-    or private key file) does not imply the hash function
   key-lifetime (integer): max lifetime of a session key, in ms
     [one hour; mobile: 2 days]
   setup-retries (integer): max number of times to transmit a key negotiation
@@ -606,6 +604,11 @@ rsa-public: string,string
   arg1: encryption key (decimal)
   arg2: modulus (decimal)
 
+The sigscheme is hardcoded to use sha1.  Both rsa-private and
+rsa-public look for the following config key in their context:
+  hash (hash closure): hash function [sha1]
+
+
 ** dh
 
 Defines: